TOPBRAVESOFTWARE.md

Top reports from the Brave Software program at HackerOne:

  1. Stored XSS in localhost:* via integrated torrent downloader to Brave Software - 119 upvotes, $0
  2. Local files reading from the web using brave:// to Brave Software - 70 upvotes, $5000
  3. Sending arbitrary IPC messages via overriding Function.prototype.apply to Brave Software - 51 upvotes, $5300
  4. Lack of quarantine meta-attribute for downloaded files leads to GateKeeper bypass to Brave Software - 51 upvotes, $50
  5. chrome://brave available for navigation in Release build [-> RCE] + navigation to chrome://* using tab_helper ["Open in new tab"] to Brave Software - 46 upvotes, $2000
  6. Local files reading using link[rel="import"] to Brave Software - 42 upvotes, $400
  7. [Android] HTML Injection in BatterySaveArticleRenderer WebView to Brave Software - 41 upvotes, $150
  8. [iOS/Android] Address Bar Spoofing Vulnerability to Brave Software - 29 upvotes, $200
  9. Navigation to protocol handler URL from the opened page displayed as a request from this page. to Brave Software - 25 upvotes, $200
  10. Local files reading from the "file://" origin through brave:// to Brave Software - 23 upvotes, $400
  11. chrome://brave navigation from web to Brave Software - 21 upvotes, $650
  12. URL Spoof / Brave Shield Bypass to Brave Software - 19 upvotes, $200
  13. RCE: DnDing shortcut files to chrome://brave allows loading HTML files in Muon's context to Brave Software - 16 upvotes, $300
  14. DMARC RECORD MISSING to Brave Software - 16 upvotes, $50
  15. Username Information Disclosure via Json response - Using parameter number Intruder to Brave Software - 16 upvotes, $0
  16. Homograph Attack Bypass [ Tested on Linux & Windows ] to Brave Software - 15 upvotes, $100
  17. https://publishers.basicattentiontoken.org/favicon.ico is Vulnerable to CVE-2017-7529 to Brave Software - 15 upvotes, $100
  18. Bypassing Homograph Attack Using /@ [ Tested On Windows ] to Brave Software - 15 upvotes, $50
  19. Homograph attack to Brave Software - 14 upvotes, $100
  20. URL spoofing in Brave for macOS to Brave Software - 14 upvotes, $50
  21. No rate limiting for confirmation email lead to email flooding and leads to enumeration of emails in publishers.basicattentiontoken.org to Brave Software - 14 upvotes, $50
  22. Access to local file system using javascript to Brave Software - 13 upvotes, $100
  23. chrome://brave can still be navigated to, leading to RCE to Brave Software - 12 upvotes, $300
  24. [ios] Address bar spoofing in Brave for iOS to Brave Software - 12 upvotes, $50
  25. Torrent extension: Cross-origin downloading + "URL spoofing" + CSP-blocked XSS to Brave Software - 12 upvotes, $0
  26. HTTP Request Smuggling to Brave Software - 12 upvotes, $0
  27. Navigation to chrome-extension:// origin (internal pages) from the web to Brave Software - 11 upvotes, $300
  28. Download attribute allows downloading local files to Brave Software - 11 upvotes, $100
  29. Unsafe handling of protocol handlers to Brave Software - 11 upvotes, $50
  30. application/x-brave-tab should not be readable. to Brave Software - 10 upvotes, $250
  31. Cross-origin page stays focused before/after downloading + uninformative modal window for download to Brave Software - 10 upvotes, $50
  32. Navigation to restricted origins via "Open in new tab" to Brave Software - 10 upvotes, $50
  33. Brave Browser unexpectedly allows to send arbitrary IPC messages to Brave Software - 9 upvotes, $300
  34. Torrent Viewer extension web service available on all interfaces to Brave Software - 9 upvotes, $200
  35. [Brave browser] WebTorrent has DNS rebinding vulnerability to Brave Software - 9 upvotes, $100
  36. URL spoofing using protocol handlers to Brave Software - 9 upvotes, $75
  37. [DOS] Browser hangs on loading the code snippet to Brave Software - 9 upvotes, $25
  38. Field Day With Protocol Handlers to Brave Software - 8 upvotes, $150
  39. Address Bar Spoofing - Already resolved - Retroactive report to Brave Software - 8 upvotes, $100
  40. DoS in Brave browser for iOS to Brave Software - 8 upvotes, $80
  41. [website] Script injection in newsletter signup https://brave.com/brave_youth_program_signup.html to Brave Software - 8 upvotes, $50
  42. Status Bar Obfuscation to Brave Software - 8 upvotes, $0
  43. Command Execution because of extension handling to Brave Software - 8 upvotes, $0
  44. URI Obfuscation to Brave Software - 7 upvotes, $150
  45. There is vulnebility Click Here TO fix to Brave Software - 7 upvotes, $0
  46. [iOS] URL can be replaceState by blob URL in iOS Brave to Brave Software - 6 upvotes, $100
  47. OS username disclosure to Brave Software - 6 upvotes, $100
  48. Brave Browser potentially logs the last time a Tor window was used to Brave Software - 6 upvotes, $100
  49. 2 Directory Listing on ledger.brave.com & vault-staging.brave.com to Brave Software - 6 upvotes, $50
  50. [DOS] denial of service using code snippet on brave browser to Brave Software - 6 upvotes, $25
  51. Subdomain Takeover of Brave.com to Brave Software - 6 upvotes, $0
  52. Sending arbitrary IPC messages via overriding Array.prototype.push to Brave Software - 6 upvotes, $0
  53. alert() dialogs on chrome-extension:// origin (internal pages) to Brave Software - 6 upvotes, $0
  54. Denial of service attack on Brave Browser. to Brave Software - 5 upvotes, $50
  55. settingcontent-ms files lacks "mark of the web" => execute code by dbl click in Downloads toolbar to Brave Software - 5 upvotes, $0
  56. JavaScript URL Issues in the latest version of Brave Browser to Brave Software - 4 upvotes, $0
  57. invalid homepage URL causes 'uncaught typeerror' or blank state to Brave Software - 4 upvotes, $0
  58. Address bar spoofing in Brave browser via. window close warnings to Brave Software - 4 upvotes, $0
  59. Directory Listing on https://promo-services-staging.brave.com to Brave Software - 4 upvotes, $0
  60. Link obfuscation bug to Brave Software - 4 upvotes, $0
  61. [iOS] URI Obfuscation in iOS application to Brave Software - 3 upvotes, $0
  62. Javascript confirm() crashes Brave on PC to Brave Software - 3 upvotes, $0
  63. Information disclosure of website to Brave Software - 3 upvotes, $0
  64. No user confirmation when an auto-updated extension gets more permissions to Brave Software - 3 upvotes, $0
  65. Denial of service attack(window object) on brave browser to Brave Software - 2 upvotes, $100
  66. links the user may download can be a malicious files to Brave Software - 2 upvotes, $0
  67. Brave payments remembers history even after clearing all browser data. to Brave Software - 2 upvotes, $0
  68. Brave: Admin Panel Access to Brave Software - 2 upvotes, $0
  69. OPEN REDIRECTION at every 302 HTTP CODE to Brave Software - 2 upvotes, $0
  70. Cross domain tracking even with 3rd party cookies disabled. to Brave Software - 2 upvotes, $0
  71. Clickjacking or URL Masking to Brave Software - 1 upvote, $0
  72. homograph-attack (unicode vuln) to Brave Software - 1 upvote, $0
  73. Remote Stack Overflow Vulnerability (DoS) to Brave Software - 1 upvote, $0
  74. Download of (later executed) .NET installer over insecure channel to Brave Software - 1 upvote, $0
  75. Arbitrary local code execution via DLL hijacking from executable installer to Brave Software - 1 upvote, $0
  76. DOS in browser using window.print() function to Brave Software - 0 upvotes, $0
  77. Denial of service(POP UP Recursion) on Brave browser to Brave Software - 0 upvotes, $0
  78. Brave allows flash to follow 307 redirects to other origins with arbitrary content-types to Brave Software - 0 upvotes, $0
  79. Cross-origin resource sharing misconfiguration (CORS) to Brave Software - 0 upvotes, $0